diff --git a/docs/setup/install/container.md b/docs/setup/install/container.md index 98caa19c..140bd1ea 100644 --- a/docs/setup/install/container.md +++ b/docs/setup/install/container.md @@ -18,10 +18,10 @@ Registry](https://github.com/juanfont/headscale/pkgs/container/headscale). The c ## Configure and run headscale -1. Create a directory on the Docker host to store headscale's [configuration](../../ref/configuration.md) and the [SQLite](https://www.sqlite.org/) database: +1. Create a directory on the container host to store headscale's [configuration](../../ref/configuration.md) and the [SQLite](https://www.sqlite.org/) database: ```shell - mkdir -p ./headscale/{config,lib,run} + mkdir -p ./headscale/{config,lib} cd ./headscale ``` @@ -34,9 +34,10 @@ Registry](https://github.com/juanfont/headscale/pkgs/container/headscale). The c docker run \ --name headscale \ --detach \ - --volume "$(pwd)/config:/etc/headscale" \ + --read-only \ + --tmpfs /var/run/headscale \ + --volume "$(pwd)/config:/etc/headscale:ro" \ --volume "$(pwd)/lib:/var/lib/headscale" \ - --volume "$(pwd)/run:/var/run/headscale" \ --publish 127.0.0.1:8080:8080 \ --publish 127.0.0.1:9090:9090 \ --health-cmd "CMD headscale health" \ @@ -57,15 +58,17 @@ Registry](https://github.com/juanfont/headscale/pkgs/container/headscale). The c image: docker.io/headscale/headscale: restart: unless-stopped container_name: headscale + read_only: true + tmpfs: + - /var/run/headscale ports: - "127.0.0.1:8080:8080" - "127.0.0.1:9090:9090" volumes: # Please set to the absolute path # of the previously created headscale directory. - - /config:/etc/headscale + - /config:/etc/headscale:ro - /lib:/var/lib/headscale - - /run:/var/run/headscale command: serve healthcheck: test: ["CMD", "headscale", "health"] @@ -88,7 +91,7 @@ Registry](https://github.com/juanfont/headscale/pkgs/container/headscale). The c Verify headscale is available: ```shell - curl http://127.0.0.1:9090/metrics + curl http://127.0.0.1:8080/health ``` 1. Create a headscale user: